EC-COUNCIL EC-COUNCIL Certifications ECSAv8 Questions & Answers

• Question 51:

  John, a penetration tester from a pen test firm, was asked to collect information about the host file in a Windows system directory. Which of the following is the location of the host file in Window system directory?

  A. C:\Windows\System32\Boot

  B. C:\WINNT\system32\drivers\etc

  C. C:\WINDOWS\system32\cmd.exe

  D. C:\Windows\System32\restore

  Correct Answer: B

  Reference: http://en.wikipedia.org/wiki/Hosts_(file) (location in the file system, see the table)

• Question 52:

  Which among the following information is not furnished by the Rules of Engagement (ROE) document?

  A. Techniques for data collection from systems upon termination of the test

  B. Techniques for data exclusion from systems upon termination of the test

  C. Details on how data should be transmitted during and after the test

  D. Details on how organizational data is treated throughout and after the test

  Correct Answer: D

• Question 53:

  An attacker injects malicious query strings in user input fields to bypass web service authentication mechanisms and to access back-end databases. Which of the following attacks is this?

  A. Frame Injection Attack

  B. LDAP Injection Attack

  C. XPath Injection Attack

  D. SOAP Injection Attack

  Correct Answer: D

  Explanation: http://luizfirmino.blogspot.com/2011_09_01_archive.html

• Question 54:

  Identify the type of authentication mechanism represented below: A. NTLMv1

  

  B. NTLMv2

  C. LAN Manager Hash

  D. Kerberos

  Correct Answer: D

  The client authenticates itself to the Authentication Server (AS) which forwards the username to a key distribution center (KDC). The KDC issues a ticket granting ticket (TGT), which is time stamped, encrypts it using the user's password and returns the encrypted result to the user's workstation. This is done infrequently, typically at user logon; the TGT expires at some point, though may be transparently renewed by the user's session manager while they are logged in.

  When the client needs to communicate with another node ("principal" in Kerberos parlance) the client sends the TGT to the ticket granting service (TGS), which usually shares the same host as the KDC. After verifying the TGT is valid and the user is permitted to access the requested service, the TGS issues a ticket and session keys, which are returned to the client. The client then sends the ticket to the service server (SS) along with its service request.

  Reference: http://en.wikipedia.org/wiki/Kerberos_(protocol)

• Question 55:

  Which of the following acts is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards and applies to all entities involved in payment card processing?

  A. PIPEDA

  B. PCI DSS

  C. Human Rights Act 1998

  D. Data Protection Act 1998

  Correct Answer: B

  Reference: http://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard

• Question 56:

  The term social engineering is used to describe the various tricks used to fool people (employees, business partners, or customers) into voluntarily giving away information that would not normally be known to the general public.

  

  What is the criminal practice of social engineering where an attacker uses the telephone system in an attempt to scam the user into surrendering private information?

  A. Phishing

  B. Spoofing

  C. Tapping

  D. Vishing

  Correct Answer: A

  Reference: http://en.wikipedia.org/wiki/Voice_phishing

• Question 57:

  Which of the following equipment could a pen tester use to perform shoulder surfing?

  A. Binoculars

  B. Painted ultraviolet material

  C. Microphone

  D. All the above

  Correct Answer: A

  Reference: http://en.wikipedia.org/wiki/Shoulder_surfing_(computer_security)

• Question 58:

  Which of the following password hashing algorithms is used in the NTLMv2 authentication mechanism?

  A. AES

  B. DES (ECB mode)

  C. MD5

  D. RC5

  Correct Answer: C

• Question 59:

  Identify the attack represented in the diagram below: A. Input Validation

  

  B. Session Hijacking

  C. SQL Injection

  D. Denial-of-Service

  Correct Answer: B

  Reference: http://en.wikipedia.org/wiki/Session_hijacking

• Question 60:

  Which of the following is developed to address security concerns on time and reduce the misuse or threat of attacks in an organization?

  A. Vulnerabilities checklists

  B. Configuration checklists

  C. Action Plan

  D. Testing Plan

  Correct Answer: A